package com.cqie.rbac.util;

import com.baomidou.mybatisplus.core.toolkit.StringUtils;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;

import javax.servlet.http.HttpServletRequest;
import java.util.Date;

/**
 * @Author 夏兵
 * @Date 2021/9/13
 */
public class JwtUtils {

    // token过期时间  12小时
    public static final long EXPIRE = 1000 * 60 * 60 * 12;
    // 加密的密钥
    public static final String APP_SECRET = "nC1@lO4#tM0%kQ2)dG0!uA0$cB0$sA";

    // 生成token字符串
    public static String getJwtToken(String id, String nickname) {

        return Jwts.builder()
                // 头信息
                .setHeaderParam("typ", "JWT")
                // 加密方式
                .setHeaderParam("alg", "HS256")
                // 设置过期时间
                .setSubject("rbac")
                .setIssuedAt(new Date())
                .setExpiration(new Date(System.currentTimeMillis() + EXPIRE))

                // 设置用户信息 可以加多个
                .claim("id", id)
                .claim("nickname", nickname)
                // 签名方式
                .signWith(SignatureAlgorithm.HS256, APP_SECRET)
                .compact();
    }

    // 判断token的合法性、有效期等进行判断，直接对token进行判断
    public static boolean checkToken(String jwtToken) {
        if (StringUtils.isBlank(jwtToken)) {
            return false;
        }
        Jwts.parser().setSigningKey(APP_SECRET).parseClaimsJws(jwtToken);
        return true;
    }

    // 判断token是否存在与有效，从请求头中获取token
    public static boolean checkToken(HttpServletRequest request) {
        try {
            String jwtToken = request.getHeader("AUTH_TOKEN");
            if (StringUtils.isBlank(jwtToken)) {
                return false;
            }
            Jwts.parser().setSigningKey(APP_SECRET).parseClaimsJws(jwtToken);
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
        return true;
    }

    // 根据token获取用户信息
    public static String getMemberIdByJwtToken(HttpServletRequest request) {
        String jwtToken = request.getHeader("AUTH_TOKEN");
        if (StringUtils.isBlank(jwtToken)) {
            return "";
        }
        Jws<Claims> claimsJws = Jwts.parser().setSigningKey(APP_SECRET).parseClaimsJws(jwtToken);
        Claims claims = claimsJws.getBody();
        return (String) claims.get("id");
    }

    // 根据token获取用户信息 从请求头中获取token
    public static String getMemberNickNameByJwtToken(HttpServletRequest request) {
        String jwtToken = request.getHeader("AUTH_TOKEN");
        if (StringUtils.isBlank(jwtToken)) {
            return "";
        }
        Jws<Claims> claimsJws = Jwts.parser().setSigningKey(APP_SECRET).parseClaimsJws(jwtToken);
        Claims claims = claimsJws.getBody();
        return (String) claims.get("nickname");
    }

    public static String getTokenByRequest(HttpServletRequest request) {
        return request.getHeader("AUTH_TOKEN");
    }

    public static String getMemberIdByToken(String token) {
        Jws<Claims> claimsJws = Jwts.parser().setSigningKey(APP_SECRET).parseClaimsJws(token);
        Claims claims = claimsJws.getBody();
        return (String) claims.get("id");
    }
}
